package com.definity.toolkit.web.interceptor;

import java.util.List;

import javax.servlet.http.HttpServletRequest;

import br.com.caelum.vraptor.Result;

import com.definity.security.common.Role;
import com.definity.security.common.User;

public class SessionSecurityInterceptor extends AbstractSecurityInterceptor {

	public SessionSecurityInterceptor(Result result, HttpServletRequest request) {
		super(result, request);
	}
	
	protected boolean hasRoles(User user, List<String> roleNames) {
		boolean found = roleNames.isEmpty();
		
		if (!found) {
			for (Role role : user.getRoles()) {
				if (roleNames.contains(role.getName())) {
					found = true;
					break;
				}
			}
		}
		return found;
	}
	
	protected User getUser() {
		return (User) request.getSession().getAttribute("dwtuser");
	}

}
